IPSec Configuration Information

By default, MSRIPv6 has a single security policy which allows all IPv6
communication to bypass IPSec authentication without being verified.
In other words, if you do nothing to modify the default configuration,
this implementation will allow all IPv6 traffic to pass unchecked.

To use IPSec to authenticate communication, you need to manually create
entries describing such traffic in our Security Policy (SP) and Security
Association (SA) databases.
We provide utilities to help you do that.
You might also wish to read up on our
SP and SA Databases before diving in.

Some of the documents referenced by this page are present in both HTML and
a Microsoft Office native format (such as Word or PowerPoint).
The latter versions are often easier to read than their HTML counterparts.
If you don't have Office on your machine and would still like to read these,
Microsoft makes available
free viewers
for files in these formats.

One final note: our IPSec implementation is undergoing very active development
and it is likely that one or more of the utilities and file formats involved
in specifying policies, associations, keys, etc. will be changed in the not
too distant future.